How to prevent spam bots in WordPress sites with WP-reCAPTCHA

You must have seen these boxes with funky looking characters and symbols that have become increasingly visible on various contact forms as also on different social media registration forms like Facebook, Twitter etc. These are known as Captchas and they are primarily used to prevent spam bots on the site.

If you own a WordPress blog and are tired of spammers constantly spamming on your blog, Google’s Captcha plugin- WP reCaptcha is for you! The setup is a little harder, but it stands out to be one of the most effective captcha plugin if you really need to combat spammers as much as possible.

How to secure your Blog?

To start navigating this security plugin for your blog you need to download this WP-reCaptcha Plugin. Once you’re done installing the plugin, go to Dashboard> Settings> WP re-Captcha. On the plugin page, you’ll first see Authentication.

Note: While setting up web forms in CMS like WordPress, you need to have two keys for the reCaptcha to work. The public key and the private key. These keys are required in order for the reCaptcha code to function in your WordPress site.

You’ll get access to these keys from Google if you have a Gmail account. The following will explain how to get a free reCAPTCHA key from Google.

Generating a public and private reCAPTCHA key

Step 1: Log into your Gmail account. If you don’t have a gmail account, you’ll need to sign up for a gmail account.

Step 5: Type the domain name you are using the reCAPTCHA for. Select the checkbox “Enable this key on all domains (global key)” so you can use the same reCAPTCHA key for all your sites. Click Create Key.

Step 6. Google will have 2 keys generated for your site, a public and a private key. These are the reCAPTCHA keys you will use in your plugin’s page.

Authenticating Users and User Data

Back on the Plugin page, under the authentication tab you have two fields; one for the public key and one for the private key. All you need to do is put these keys which you just generated here.

In the Comments Option heading, click on Activation block to ‘enable for comments’. In the Registration Options heading, click on Activation block to enable for registration form. Save the reCaptcha changes. These two options will enable the captcha to be shown while registration ie while a new user is registering and while commenting. The Captcha would be displayed at the bottom of the registration page and comments page.

This is how the Captcha will appear on your registration screen:

MailHide Options to stop email spammers

You have to take a look at this..the extended functionality of reCaptcha plugin! You must have heard of email spamming. Some bots spam target your email id to send spam messages across the internet. With MailHide option of the reCaptcha plugin you can effectively avoid this. The process of using MailHide is pretty much the same, you will first need to get the API keys from here. On that page, under the Use the reCAPTCHA Mailhide API, click on Get an API key. Note down your public and private keys.

Back to your WordPress admin configuration reCaptcha put the API keys which you just generated. You can enable it for posts and pages, comments, RSS Feed of Posts and Pages and RSS feed of comments by clicking on their respective boxes for the ‘Use MailHide in’ option.

But where does the email captcha appear?

Basically the email captcha can appear anywhere on your WordPress site and for any user. This is because email ids could be present anywhere in your WordPress site’s database. When you configure the MailHide settings of the reCaptcha plugin, something like this will appear along with the user’s name(suppose his name is John) when he posts a comment: joh……[email protected]

This means that the email address will be hidden and can only be seen by real humans after they click on the partially hidden email and type in a CAPTCHA. If you have successfully configured this Captcha, you can verify this for your blog comments for any post.

Note: Unlike the Authentication option, you don’t have to enable the captcha on a particular email id or something. As email ids can be present anywhere, by default the plugin allows the captcha to appear once the partial email id is clicked.

Limitations of the Wp-reCaptcha Plugin

After having used the WP reCaptcha plugin we feel that the complex word combination of the Captcha could make it troublesome to read even for real humans. Secondly, you need to have a Google account if you want to access the services provided by this plugin.

It seems clear considering the plugin’s features and limitations that the Wp-reCaptcha is indeed a great addition when it comes to keeping your WordPress site away from spambots. It not only protects your WordPress sites comments and registration, but also protects emails against spam. One of the best features of the WP-reCaptcha plugin is that it is compatible with WordPress multisite. Just install it in the Network Admin Dashboard of your multisite.

What else could you ask for, go ahead and secure your WordPress sites.